5

I have two service to build a Spring Boot application

But I always got CORS problems like this

Access to XMLHttpRequest at '.../websocket-cr/info?t=1581585481804' from origin'http://localhost:8080' 
has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin'
header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. 
The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials.

Springboot service on 8082

    public void registerStompEndpoints(StompEndpointRegistry registry) {
       registry.addEndpoint("/websocketcr").
       setAllowedOrigins("http://localhost:8080").withSockJS();
    }

Angular service on 8080

    var socket = new SockJS('http://localhost:8080/websocket-cr');
    //socket.withCredentials = true ;
    stompClient = Stomp.over(socket);

I have tried

    setAllowedOrigins("http://localhost:8080").withSockJS();
    setAllowedOrigins("*").withSockJS();

or use CORS Anywhere in javascript

    var socket = new SockJS('http://cors-anywhere.herokuapp.com/http://localhost:8082/websocket-cr');
    socket.withCredentials = true ;

and what is the best way to done that

should I make angular proxy to my backend server?

or it is ok by setAllowedOrigins('host:port')

Improve this question
3

3 Answers 3

Reset to default
0

In your Main class of the SpringBoot service , inject the below bean,it will work

@Bean
public WebMvcConfigurer corsConfigurer() {
    return new WebMvcConfigurer () {
        @Override
        public void addCorsMappings(CorsRegistry registry) {
            registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE").allowedHeaders("*")
                    .allowedOrigins("*");
        }
    };
}
Improve this answer
-1

Sorry for coming late to this Party. I am using here STOMP JS in angular 8 with springboot working demo you need to add WebSocketConfig class to configure things for Socket and For controller separately if you need it.

Configuration Class

import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        config.enableSimpleBroker("/topic");
        config.setApplicationDestinationPrefixes("/app");
    }

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        registry.addEndpoint("/ws")
        .setAllowedOrigins("*")
        //.setAllowedOrigins("http://localhost:4200").setAllowedOrigins("http://localhost:8081")
        .withSockJS();
    }
}

ref Another Help from Spring people

In Controller Class just add 

@Controller
@CrossOrigin(origins = "*")
public class LogsController {
..
}

And answer will be updated for authentication/authorization sooner and later.

Improve this answer
1
-3

Simply just add @CrossOrigin annotation on top of the class. It's work perfectly. For example:

@RestController
@CrossOrigin(origins = "*")
public class YourController {
    .....
}
Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.